<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');

class M_user extends CI_Model {
    
	/*设置连接的表名称*/
	var $table = 'users';
	/*设置session的有效时间*/
	var $max_idle_time = 300;

    function __construct()
    {
        parent::__construct();
    }
    
	/*保存用户的注册信息此时密码已加密，返回一个ID*/
	function save( $user_data ) {
		$this->db->insert($this->table , $user_data); 
		return $this->db->insert_id();
	}
	
	// Update an existing user
	function update( $user_data ) {
		if (isset($user_data['id'])) {
			$this->db->where('id', $user_data['id'] );
			$this->db->update( $this->table , $user_data); 
			return $this->db->affected_rows();
		}
		return false;
	}
	
	/*验证用户名是否合法*/
	function get_by_username( $username ) {
		$query = $this->db->get_where($this->table, array('username' => $username), 1);
		if( $query->num_rows() > 0 ) return $query->row_array();
		return false;
	}
	
	/*设置登录的session*/
	function allow_pass( $user_data ) {
		$this->session->set_userdata( array( 'last_activity' => time(), 'logged_in' => 'yes', 'user' => $user_data ) );
	}
	
	/*判断用户是否登录，并根据相应情况设置session*/
	function is_logged_in() {
		/*session保存三个字段,用户名,登录状态,登录时间*/
		/*获取session中的变量赋值给局部变量*/
		$last_activity = $this->session->userdata('last_activity');
		$logged_in = $this->session->userdata('logged_in');
		$user = $this->session->userdata('user');
		
		/*判断是否登录，登录是否超时*/
		if ( ($logged_in == 'yes') 
		&& ((time() - $last_activity) < $this->max_idle_time )) {
			/*已登录未超时，重新设置session，更新登录时间*/
			$this->allow_pass( $user );
			return true;
		} else {
			/*未登录或session过期，清空session*/
			$this->remove_pass();
			return false;
		}
	}
	
	/*清空过时的session*/
	function remove_pass() {
		$array_items = array('last_activity' => '', 'logged_in' => '', 'user' => '');
		$this->session->unset_userdata($array_items);
	}
	
	// get user by id
	function get_by_id( $id ) {
		$query = $this->db->get_where($this->table, array('id' => $id), 1);
		if( $query->num_rows() > 0 ) return $query->row_array();
		return false;
	}

	// Check if email address already exists
	function email_exists( $email ) {
		$query = $this->db->get_where($this->table, array('email' => $email), 1);
		if( $query->num_rows() > 0 ) return true;
		return false;
	}
	
	// Check if username already exists
	function username_exists( $username ) {
		$query = $this->db->get_where($this->table, array('username' => $username), 1);
		if( $query->num_rows() > 0 ) return true;
		return false;
	}
	
	/*将用户注册的密码加盐后哈希再后加盐*/
	function hash_password( $password ) {
		$salt = $this->generate_salt();
		/*返回加密后的结果*/
		return $salt.'.'.md5( $salt.$password);
	}
	
	/*验证密码是否合法*/
	function check_password( $password, $hashed_password ) {
		/*将库中加密的密码按.分成salt和hash*/
		list($salt, $hash) = explode('.', $hashed_password);
		/*将用户输入的密码加盐后加密再加盐*/
		$hashed2 = $salt.'.'.md5( $salt.$password);
		/*返回两者比较的bool结果*/
		return ($hashed_password == $hashed2);
	}
	
	/*为密码哈希生成一个盐值*/
	private function generate_salt( $length = 10 ) {
        $characterList = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
        $i = 0;
        $salt = "";
        while ($i < $length) {
			/*mt_rand函数随机产生一个数字*/
            $salt .= $characterList{mt_rand(0, (strlen($characterList) - 1))};
            $i++;
        }
        return $salt;
	}
	
}

/* End of file m_user.php */
/* Location: ./application/models/m_user.php */